gentoo auto-resync : 08:03:2024 - 19:07:58

4 files changed, 138 insertions, 0 deletions

diff --git a/app-crypt/Manifest.gz b/app-crypt/Manifest.gz
index 6a967e71d0cf..8d82a224de06 100644
--- a/app-crypt/Manifest.gz
+++ b/app-crypt/Manifest.gz
diff --git a/app-crypt/tpm2-tss/Manifest b/app-crypt/tpm2-tss/Manifest
index 394e51c9421e..a62b3cd1e086 100644
--- a/app-crypt/tpm2-tss/Manifest
+++ b/app-crypt/tpm2-tss/Manifest
@@ -1,5 +1,7 @@
 AUX tpm2-tss-4.0.0-Dont-install-files-into-run.patch 880 BLAKE2B 8ae9b55e853dcd117730eebc274252ea7afc4e3e415eafb21d3994690687cc9daa796a97536597da8cbfc4f54567cbb678fe61ba4eb4fdc1dee6d851d472efa3 SHA512 811dd1d2597557cf9fd08d7231cd5f48a8dd9dc76adf33bc4a0ee978dc8973fc5309bdc7386cbd9878b78dba1b4a8ecf9c2e2f856c887b141a423f0d94e3244e
+AUX tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch 1493 BLAKE2B 4e22a79f54758295905625ce907ee1d718ec8ab34e1917f376c2e318beabbcd424588458bb0360757d8027b87ca7fb14279585fb35e29a7bd53d7eb3fdb43c99 SHA512 f4badedc611e9903daa034306c6cca3b0a3f3ed56350af18f48586c67ffba9f4b5cc8784e4d008b123b885c33b7a3fbfd1c5bc846aa35ab648cd48be3476deb1
 AUX tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch 1814 BLAKE2B 259a2b4618eeaf34228a07d6e9479658e04b7e36affa6d8d894563014a3f9ba571f1676623b744c1158ceb2fd738fe627fad76014b1893471a9467da41847f2e SHA512 78f1f6d5a448f29fd5dfbfadfb1913464d8e55eabebc9c0eca16c70031bcee9198742b1567eba2bae444cf11e32bea3c3663db155eb1e8da750ba8bb78d725c0
 DIST tpm2-tss-4.0.1.tar.gz 1787139 BLAKE2B 627cdefeff6c64148f9da1425922a0a7a72debcee4930ffab208a3b9b66127c2d4f923e3e105bfd45410cdb13c19cb40cc15a720e9a05dd32ff622dabf5fcc32 SHA512 ed6ddc52cb0e8c1082a4bb001e1225eb9905fd2380da88db5fd69ff5b5d9d43a93eb67b634e49d53eb5d586832da3aef2c4c7e5f18d51bb730481f8913319d7d
+EBUILD tpm2-tss-4.0.1-r1.ebuild 2588 BLAKE2B b9a58449aa540dd800e5453091c464edeba60987e0119044cf0caccfbb14ef7d15c7fc28ee27d45d80044f4b6d4df9c56cbead18fffd4819afd53dde921692f0 SHA512 bad17cc8511c05ff8295c1812ac78f48c097563efe2224d9bcf6d3f1cd131149571596f1fc47a7423ee10b88b7221ae8f52bbe05a01ab402369a66ba0a8e62d5
 EBUILD tpm2-tss-4.0.1.ebuild 2492 BLAKE2B a31affba60e4b53ba69ba9bc3dece3bfca550cad98eb21d5cabb4b24e427b321fdb4104cabe6676e8128719d1e0dbf8992ad778df025f2709aefe078e01c3458 SHA512 502461ec7f03aba7d346ede6db2b0f365f16c5e37d4272f27467f62d84c09c12258994f22733f33e3869fa90fefe1fb2e3004e4ec38e5276a67f1ada32442749
 MISC metadata.xml 835 BLAKE2B 58fcbb63b8fd77dd42f081e060cec1fc5593d13ad9237bd644462fd839a1fea9936342d5339a3ec8d339106ca6074c73ac31e7546feb0f1c5f0f212b21831d8a SHA512 941bfce986619b387410d49fe046218a388243c257a3164293033f8ebb4e2d64d7ff06d35dd4ef770a9e9194035839d68dcf1f00edbe439272c2e9c01ecb3c6b
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch
new file mode 100644
index 000000000000..83f123ffdc52
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch
@@ -0,0 +1,27 @@
+From 0632885d08917092ffc8d98febd158745a74465a Mon Sep 17 00:00:00 2001
+From: Daan De Meyer <daan.j.demeyer@gmail.com>
+Date: Fri, 4 Aug 2023 16:07:52 +0200
+Subject: [PATCH] Do not consider failures to write files in /sys hard errors
+
+systemd-tmpfiles can run in containers, chroots, ... where writing to /sys will fail, so let's suffix these lines with "-" to avoid considering these cases hard errors.
+
+Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com>
+---
+ dist/tmpfiles.d/tpm2-tss-fapi.conf.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+index 7ea3c652..51ff78e5 100644
+--- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
++++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+@@ -3,5 +3,5 @@ d       @localstatedir@/lib/tpm2-tss/system/keystore   2775 tss  tss   -
+ a+      @localstatedir@/lib/tpm2-tss/system/keystore   -    -    -     -           default:group:tss:rwx
+ d       @runstatedir@/tpm2-tss/eventlog                2775 tss  tss   -           -
+ a+      @runstatedir@/tpm2-tss/eventlog                -    -    -     -           default:group:tss:rwx
+-z	/sys/kernel/security/tpm[0-9]/binary_bios_measurements	0440  root tss	-	    -
+-z	/sys/kernel/security/ima/binary_runtime_measurements	0440  root tss	-	    -
++z-	/sys/kernel/security/tpm[0-9]/binary_bios_measurements	0440  root tss	-	    -
++z-	/sys/kernel/security/ima/binary_runtime_measurements	0440  root tss	-	    -
+-- 
+2.43.0
+
diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild
new file mode 100644
index 000000000000..558f221a5be8
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/4"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="
+	^^ ( mbedtls openssl )
+	fapi? ( openssl !mbedtls )
+	policy? ( openssl !mbedtls )
+"
+
+RDEPEND="
+	acct-group/tss
+	acct-user/tss
+	sys-apps/util-linux:=[${MULTILIB_USEDEP}]
+	fapi? (
+		dev-libs/json-c:=[${MULTILIB_USEDEP}]
+		>=net-misc/curl-7.80.0[${MULTILIB_USEDEP}]
+	)
+	mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
+	openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )
+"
+
+DEPEND="
+	${RDEPEND}
+	test? ( app-crypt/swtpm
+		dev-libs/uthash
+		dev-util/cmocka
+		fapi? ( >=net-misc/curl-7.80.0 ) )
+"
+
+BDEPEND="
+	sys-apps/acl
+	virtual/pkgconfig
+	doc? ( app-text/doxygen )
+"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch"
+	"${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
+	"${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch"
+)
+
+pkg_setup() {
+	local CONFIG_CHECK="~TCG_TPM"
+	linux-info_pkg_setup
+	kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+multilib_src_configure() {
+	# Fails with inlining
+	filter-flags -fno-semantic-interposition
+	# tests fail with LTO enabbled. See bug 865275 and 865279
+	filter-lto
+
+	local myconf=(
+		--localstatedir=/var
+		$(multilib_native_use_enable doc doxygen-doc)
+		$(use_enable fapi)
+		$(use_enable policy)
+		$(use_enable static-libs static)
+		$(multilib_native_use_enable test unit)
+		$(multilib_native_use_enable test integration)
+		$(multilib_native_use_enable test self-generated-certificate)
+		--disable-tcti-libtpms
+		--disable-defaultflags
+		--disable-weakcrypto
+		--with-crypto="$(usex mbedtls mbed ossl)"
+		--with-runstatedir=/run
+		--with-udevrulesdir="$(get_udevdir)/rules.d"
+		--with-udevrulesprefix=60-
+		--without-sysusersdir
+		--with-tmpfilesdir="/usr/lib/tmpfiles.d"
+	)
+
+	ECONF_SOURCE=${S} econf "${myconf[@]}"
+}
+
+multilib_src_install() {
+	default
+	keepdir /var/lib/tpm2-tss/system/keystore
+	find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+	tmpfiles_process tpm2-tss-fapi.conf
+	udev_reload
+}
+
+pkg_postrm() {
+	udev_reload
+}